<%@ Page language="vb" CodeFile="addVehicleStep2.aspx.vb" Inherits="addVehicleStep2_aspx_vb" %>

<%
    rowNumber = 0
    partnerID = Request.QueryString("partnerID")
    If Len(partnerID) = 0 Then 
        Response.Redirect("addVehicleStep1.aspx?subDo=%20-%20CHOOSE%20A%20PARTNER")
    Else
        partnerID = CLng(partnerID)
    End IF
    If (Request.QueryString("do")) = Nothing Then 
        subDo = Request.QueryString("subDo")
        Over()
        strJS = ""
        strJS = strJS + "[""dealer"", ""==''""],"
        strJS = strJS + "[""city"", ""==''""]"
        checkFields()
        Response.Write("<table cellpadding='0' cellspacing='0' border='0' width='1000'>")
        Response.Write("<tr>")
        Response.Write("<td valign='top'>")
        Response.Write("<table cellpadding='2' cellspacing='2' width='450'>")
        Response.Write("<tr><td class='headline' colspan='3'>CHOOSE A CAR DEALER - STEP 2 OF 7<font color='#fcbc00'>" & subDo & "</font><hr class='hrHeadline'></td></tr>")
        Response.Write("<form action='addVehicleStep2.aspx?do=selection&partnerID=" & partnerID & "' method='post'>")
        Response.Write("<tr>")
        Response.Write("<td class='formBold'>Dealer:</td>")
        Response.Write("<td align='right'>")
        Response.Write("<select name='dealerID' id='dealerID'>")
        Response.Write("<option value=''> Select dealer  ")
        dbOpen()
        RecSet = Conn.Execute("Select dealerID, dealer, city From tblDealer Where partnerID = " & partnerID & " Order By dealer")
        If Not RecSet.EOF Then 
            Do Until RecSet.EOF
                dealerID = RecSet.Fields("dealerID").Value
                dealer = RecSet.Fields("dealer").Value
                city = RecSet.Fields("city").Value
                Response.Write("<option value='" & dealerID & "'> " & dealer & ", " & city & " ")
                RecSet.MoveNext()
            Loop
        End IF
        RecSet.Close()
        RecSet = Nothing
        dbClose()
        Response.Write("<option value=''> -------------------------------------- ")
        Response.Write("</select>")
        Response.Write("</td>")
        Response.Write("</tr>")
        Response.Write("<tr><td align='right' colspan='2'><input type='submit' value='Step 3'></td></tr>")
        Response.Write("</form>")
        Response.Write("<tr><td colspan='3'><hr class='hrHeadline'></td></tr>")
        Response.Write("<form action='addVehicleStep2.aspx?do=save&partnerID=" & partnerID & "' method='post' onsubmit=""javascript:return checkFields();"">")
        Response.Write("<tr><td colspan='3'>If you can't find the specific car dealer above, please create a new one in the form below.</td></tr>")
        Response.Write("<tr><td class='formBold'>Car dealer:</td><td align='right'><input type='text' name='dealer' id='dealer' size='40' maxlength='50'></td><td><div id='error_dealer' class='edit_error'>&laquo; OBS!</div></td></tr>")
        Response.Write("<tr><td class='formBold'>City:</td><td align='right'><input type='text' name='city' id='city' size='40' maxlength='50'></td><td><div id='error_city' class='edit_error'>&laquo; OBS!</div></td></tr>")
        Response.Write("<tr><td class='formBold'>Areacode:</td><td align='right'><input type='text' name='areacode' id='areacode' size='40' maxlength='50'></td></tr>")
        Response.Write("<tr><td class='formBold'>Telephone:</td><td align='right'><input type='text' name='telephone' id='telephone' size='40' maxlength='50'></td></tr>")
        Response.Write("<tr><td class='formBold'>Email:</td><td align='right'><input type='text' name='email' id='email' size='40' maxlength='50'></td></tr>")
        Response.Write("<tr><td class='formBold'>Password:</td><td align='right'><input type='text' name='pwd' id='pwd' size='40' maxlength='50'></td></tr>")
        Response.Write("<tr><td align='right' colspan='2'><input type='submit' value='Save'></td></tr>")
        Response.Write("</form>")
        Response.Write("<tr><td colspan='3'><hr class='hrHeadline'></td></tr>")
        Response.Write("</table>")
        Response.Write("</td>")
        Response.Write("<td width='100'></td>")
        Response.Write("<td valign='top'>")
        Response.Write("<table cellpadding='2' cellspacing='2' width='450'>")
        Response.Write("<tr><td class='headline' colspan='2'>SUBSCRIPTION PROCESS<hr class='hrHeadline'></td></tr>")
        dbOpen()
        RecSet = Conn.Execute("Select p.partnerName, c.country From (tblPartner p INNER JOIN tblCountry c ON c.countryID = p.countryID) Where p.partnerID = " & partnerID & "")
        If RecSet.EOF Then 
            Response.Redirect("addVehicleStep1.aspx?subDo=%20-%20CHOOSE%20A%20PARTNER")
        Else
            partnerName = RecSet.Fields("partnerName").Value
            country = RecSet.Fields("country").Value
        End IF
        RecSet.Close()
        RecSet = Nothing
        dbClose()
        Response.Write("<tr bgcolor='#eeeeee'><td>Country:</td><td>" & country & "</td></tr>")
        Response.Write("<tr><td>Partner:</td><td>" & partnerName & "</td></tr>")
        Response.Write("<tr><td colspan='2'><hr class='hrHeadline'></td></tr>")
        Response.Write("</table>")
        Response.Write("</td>")
        Response.Write("</tr>")
        Response.Write("</table>")
        Under()
    ElseIf Request.QueryString("do") = "save" Then 
        dealer = Request.Form("dealer")
        city = Request.Form("city")
        areacode = Request.Form("areaCode")
        telephone = Request.Form("telephone")
        email = Request.Form("email")
        pwd = Request.Form("pwd")
        userID = fragusLeasingUserID
        dbOpen()
        RecSet = Conn.Execute("Select countryID From tblPartner Where partnerID = " & partnerID & "")
        If RecSet.EOF Then 
            Response.Redirect("addVehicleStep1.aspx?subDo=%20-%20CHOOSE%20A%20PARTNER")
        Else
            countryID = RecSet.Fields("countryID").Value
        End IF
        RecSet.Close()
        RecSet = Nothing
        dbClose()
        If Len(dealer) > 0 Then 
            dealer = Trim(dealer)
            dealer = Replace(CStr(dealer), "'", "")
            dealer = Replace(CStr(dealer), """", "")
            dealer = Replace(CStr(dealer), "<", "")
            dealer = Replace(CStr(dealer), ">", "")
            dealer = Replace(CStr(dealer), "=", "")
        End IF
        If Len(city) > 0 Then 
            city = Trim(city)
            city = Replace(CStr(city), "'", "")
            city = Replace(CStr(city), """", "")
            city = Replace(CStr(city), "<", "")
            city = Replace(CStr(city), ">", "")
            city = Replace(CStr(city), "=", "")
        End IF
        If Len(areacode) > 0 Then 
            areacode = Trim(areacode)
            areacode = Replace(areacode, "'", "")
            areacode = Replace(areacode, """", "")
            areacode = Replace(areacode, "<", "")
            areacode = Replace(areacode, ">", "")
            areacode = Replace(areacode, "=", "")
        End IF
        If Len(telephone) > 0 Then 
            telephone = Trim(telephone)
            telephone = Replace(telephone, "'", "")
            telephone = Replace(telephone, """", "")
            telephone = Replace(telephone, "<", "")
            telephone = Replace(telephone, ">", "")
            telephone = Replace(telephone, "=", "")
        End IF
        If Len(email) > 0 Then 
            email = Trim(email)
            email = Replace(email, "'", "")
            email = Replace(email, """", "")
            email = Replace(email, "<", "")
            email = Replace(email, ">", "")
            email = Replace(email, "=", "")
        End If
        If Len(pwd) > 0 Then
            pwd = Trim(pwd)
            pwd = Replace(pwd, "'", "")
            pwd = Replace(pwd, """", "")
            pwd = Replace(pwd, "<", "")
            pwd = Replace(pwd, ">", "")
            pwd = Replace(pwd, "=", "")
        End If
        dbOpen()
        Conn.Execute("Insert Into tblDealer (userID, countryID, partnerID, dealer, city, areacode, telephone, email, pwd) Values(" & userID & "," & countryID & "," & partnerID & ",'" & dealer & "','" & city & "','" & areacode & "','" & telephone & "','" & email & "','" & pwd & "')")
        dbClose()
        dbOpen()
        RecSet = Conn.Execute("SELECT MAX(dealerID) AS dealerID FROM tblDealer")
        dealerID = RecSet.Fields("dealerID").Value
        RecSet.Close()
        RecSet = Nothing
        dbClose()
        If Len(pwd) = 0 Then
            dbOpen()
            Conn.Execute("Update tblDealer Set pwd = NULL Where dealerID = " & dealerID & "")
            dbClose()
        End If
        Response.Redirect("addVehicleStep3.aspx?partnerID=" & partnerID & "&dealerID=" & dealerID & "")
    ElseIf Request.QueryString("do") = "selection" Then
        dealerID = Request.Form("dealerID")
        If Len(dealerID) > 0 Then
            Response.Redirect("addVehicleStep3.aspx?partnerID=" & partnerID & "&dealerID=" & dealerID & "")
        Else
            Response.Redirect("addVehicleStep2.aspx?partnerID=" & partnerID & "&subDo=%20-%20CHOOSE%20A%20CAR%20DEALER")
        End If
    End If

%>
